Re: named.conf Default Location?

2016-01-13 Thread Konstantin Stefanov
On 12.01.2016 20:29, Tim Daneliuk wrote: > I have two FreeBSD 10 machines on which I have installed the bind99 port. > > The manpage for named on machine 1 says that it looks for the named.conf > by default in /usr/local/etc/namedb. Machine 2's manpage says it looks > in /etc/namedb. > >

Re: named.conf Default Location?

2016-01-13 Thread Tony Finch
Tim Daneliuk wrote: > > The manpage for named on machine 1 says that it looks for the named.conf > by default in /usr/local/etc/namedb. Machine 2's manpage says it looks > in /etc/namedb. > > Which is correct? Is the /etc/namedb symlink even needed anymore? The man pages

Re: Bind9 on VMWare

2016-01-13 Thread sthaug
> we don't run *anything* on physical machines and all our nameservers > (auth, caching with a mix of bind/unbound/rbldnsd) as anything else runs > on top of VMware vSphere 5.5, previously 4.1/5.0 since 2008 > > there is zero to no justification these days for running anything on bare > metal when

Re: Mitigation of server's load by queries for non-existing domains

2016-01-13 Thread Tomas Hozza
On 12.01.2016 18:16, Tony Finch wrote: > Tomas Hozza wrote: >> >> Recently I was trying to find a mechanism in BIND that could prevent the >> server from processing a recursive query for non-existing domains. > > Have a look at

Bind9 on VMWare

2016-01-13 Thread Philippe Maechler
Hello bind-users We have to deploy new auth. and caching DNS Servers in our environment and we're unsure how we should set it up. current setup - We currently have two main PoPs and in each one a physical auth. and caching server. All four boxes are running Bind9.x on FreeBSD

Re: Bind9 on VMWare

2016-01-13 Thread sthaug
> > Complexity? > > which complexity? > > a virtual guest is less complex because you don't need a ton of daemons > for hardware-monitoring, drivers and what not on the guest For me the relevant comparison is my ordinary OS vs. my ordinary OS + VMWare. > complex are 30 physical servers

RE: Bind9 on VMWare

2016-01-13 Thread Philippe Maechler
>> I'm not sure if it is a good thing to have physical servers, although we have >> a vmware cluster in both nodes which has enough capacity (ram, cpu, disk)? >> I once read that the vmware boxes have a performance issue with heavy udp >> based services. Did anyone of you face such an issue? Are

Re: Bind9 on VMWare

2016-01-13 Thread Reindl Harald
On 13.01.2016 at 13:50, Ray Bellis wrote: On 13/01/2016 12:44, Reindl Harald wrote: where did you read that? we don't run *anything* on physical machines and all our nameservers (auth, caching with a mix of bind/unbound/rbldnsd) as anything else runs on top of VMware vSphere 5.5,

Re: Bind9 on VMWare

2016-01-13 Thread Reindl Harald
On 13.01.2016 at 13:34, Philippe Maechler wrote: I'm not sure if it is a good thing to have physical servers, although we have a vmware cluster in both nodes which has enough capacity (ram, cpu, disk)? I once read that the vmware boxes have a performance issue with heavy udp based services.

Re: Bind9 on VMWare

2016-01-13 Thread Ray Bellis
On 13/01/2016 12:44, Reindl Harald wrote: > where did you read that? > > we don't run *anything* on physical machines and all our nameservers > (auth, caching with a mix of bind/unbound/rbldnsd) as anything else runs > on top of VMware vSphere 5.5, previously 4.1/5.0 since 2008 ISTR that some

Re: Bind9 on VMWare

2016-01-13 Thread Reindl Harald
first: no idea why you can't just respond to the list instead of breaking "reply-list" and threading for others where duplicate mail gets filtered and the offlist-reply without headers arrives On 13.01.2016 at 14:06, sth...@nethelp.no wrote: we don't run *anything* on physical machines and all our

Re: Extracting stats from BIND XML stats file : issues

2016-01-13 Thread blrmaani
On Wednesday, January 13, 2016 at 11:34:16 AM UTC-8, blrmaani wrote: > Hi, > I am trying to get IPv4 query rate for our DNS server. I am taking 2 > snapshots with a delay of 60 seconds between these snapshots. > > curl : > /tmp/snapshot1.xml > sleep 60 > curl : > /tmp/snapshot2.xml > > >

Re: Bind9 on VMWare

2016-01-13 Thread Mike Hoskins (michoski)
On 1/13/16, 10:28 AM, "bind-users-boun...@lists.isc.org on behalf of Reindl Harald" wrote: > > >On 13.01.2016 at 16:19, Lightner, Jeff wrote: >> We chose to do BIND on physical for our externally authoritative >>servers. >>

Extracting stats from BIND XML stats file : issues

2016-01-13 Thread blrmaani
Hi, I am trying to get IPv4 query rate for our DNS server. I am taking 2 snapshots with a delay of 60 seconds between these snapshots. curl : > /tmp/snapshot1.xml sleep 60 curl : > /tmp/snapshot2.xml I am calculating queryrate as below query_rate = (Queryv4_value2 - Queryv4_value1) /

Re: Bind9 on VMWare

2016-01-13 Thread Reindl Harald
On 13.01.2016 at 19:54, Mike Hoskins (michoski) wrote: I've run several large DNS infras over the years. Back in 2005/6 I finally drank the koolaid and migrated a large caching infra (authoritative was kept on bare metal) to VMWare+Linux i would be careful compare 2005/2006 with now for a

Re: Bind9 on VMWare

2016-01-13 Thread Mike Hoskins (michoski)
On 1/13/16, 4:02 PM, "bind-users-boun...@lists.isc.org on behalf of Reindl Harald" wrote: >On 13.01.2016 at 19:54, Mike Hoskins (michoski) wrote: >> I've run several large DNS infras over the years. Back in 2005/6 I >>

What is the use of having a chroot path during installation of Bind

2016-01-13 Thread Harshith Mulky
Hello, When installing bind, the following 2 are installed bind-9.8.2-0.17.rc1.el6.x86_64 bind-chroot-9.8.2-0.17.rc1.el6.x86_64 What is the need of this bind-chroot? I see all files in /var/named path are softlinks to /var/named/chroot/var/named and /etc/named.conf is softlink to

RE: Bind9 on VMWare

2016-01-13 Thread Philippe Maechler
> > > Complexity? > > > > which complexity? > > > > a virtual guest is less complex because you don't need a ton of daemons > > for hardware-monitoring, drivers and what not on the guest > > For me the relevant comparison is my ordinary OS vs. my ordinary OS + > VMWare. > > > complex are 30

RE: Mitigation of server's load by queries for non-existing domains

2016-01-13 Thread MURTARI, JOHN
Tony, Didn't see this mentioned in the other thread messages, but depending on what version of BIND you are using you may find a lot of benefit in using the Response Rate Limiting (RRL) feature. https://www.isc.org/blogs/bind-9-9-4-released/ We have found it to be VERY

RE: Bind9 on VMWare

2016-01-13 Thread Lightner, Jeff
We chose to do BIND on physical for our externally authoritative servers. We use Windows DNS for internal. One thing you should do if you're doing virtual is be sure you don't have your guests running on the same node of a cluster. If that node fails your DNS is going down. Ideally if

Re: Bind9 on VMWare

2016-01-13 Thread Reindl Harald
On 13.01.2016 at 16:19, Lightner, Jeff wrote: We chose to do BIND on physical for our externally authoritative servers. We use Windows DNS for internal. One thing you should do if you're doing virtual is be sure you don't have your guests running on the same node of a cluster. If that

Re: Bind9 on VMWare

2016-01-13 Thread Daniel Stirnimann
Hello Philippe >> where did you read that? > > I don't remember where I read that. I guess it was on a mailing list where > the OP had issues with either a DHCP or syslog server. It all came down to > the vmware host/switch which was not good enough for udp services. Could be > that this was on

Re: Mitigation of server's load by queries for non-existing domains

2016-01-13 Thread John Miller
On Wed, Jan 13, 2016 at 8:35 AM, Tomas Hozza wrote: > On 12.01.2016 18:16, Tony Finch wrote: >> Tomas Hozza wrote: >>> >>> Recently I was trying to find a mechanism in BIND that could prevent the >>> server from processing a recursive query for non-existing